openfire build(2)

InterceptorManager 
PluginManager

openfire 插件的中servlet 在web-custom.xml 中的配置 url 一定要小写,访问时不区别大写小 否则404
如:

  <servlet>

    <servlet-name>Sample1Servlet</servlet-name>

        <servlet-class>com.myyule.openfire.plugin.Sample1Servlet</servlet-class>

    </servlet>

    <servlet-mapping>

        <servlet-name>Sample1Servlet</servlet-name>

        <url-pattern>/servlet1</url-pattern>

  <!-- 此处一定要小写,访问时大小时无关,否则404

  http://127.0.0.1:9090/plugins/sample/ServLet1 也可以访问成功

   -->

    </servlet-mapping>



自定用户表:

--设置JDBC连接方式
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcProvider.connectionString',

'jdbc:oracle:thin:@10.35.246.178:1521:orcl');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcProvider.driver', 'oracle.jdbc.driver.OracleDriver');

--设置管理员账号
insert into OFPROPERTY (NAME, PROPVALUE)
values ('admin.authorizedJIDs', 'admin@localhost');

--自定义用户认证
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcAuthProvider.useConnectionProvider', 'true');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcAuthProvider.passwordSQL', 'select ''123456'' as pwd from

t_sys_user t where t.code=?');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcAuthProvider.passwordType', 'plain');

--自定义用户管理
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.allUsersSQL', 'select code from t_sys_user

t');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.nameField', 'name');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.searchSQL', 'select code from t_sys_user t

where code=?');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.useConnectionProvider', 'true');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.emailField', 'email');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.userCountSQL', 'select count(*) from

t_sys_user t');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.loadUserSQL', 'select t.name,t.email,t.code

from t_sys_user t where t.code=?');
insert into OFPROPERTY (NAME, PROPVALUE)
values ('jdbcUserProvider.usernameField', 'code');

--使用不同的数据源
update OFPROPERTY set

PROPVALUE='org.jivesoftware.openfire.user.JDBCUserProvider'
where NAME='provider.user.className';
update OFPROPERTY set

PROPVALUE='org.jivesoftware.openfire.auth.JDBCAuthProvider'
where NAME='provider.auth.className';
commit;

 

openfire 包错误 的类型与情形

在 org.xmpp.packet.PacketError 类中 
Type:可用的类型: 
       Error.Type. cancel --do not retry (the error is unrecoverable).  
       不要重试(错误是不可恢复) 
Error.Type. continue_processing -- proceed (the condition was only a warning). Equivalent to the XMPP error type "continue".  
       继续(条件只有一个警告)。这表示存在"continue"错误代码在XMPP中;  因为"continue"在Java中是保留的关键字(enum的名称已被更改)。 
Error.Type. modify -- retry after changing the data sent.  
       更改发送数据后重试。 
Eror.Type. auth -- retry after providing credentials.  
       提供凭据后重试。 
Error.Type. wait -- retry after waiting (the error is temporary).  

       等待后重试(错误是暂时的)。

 

Condition 安全 枚举 类型的错误条件:

          bad_request("bad-request", Type.modify, 400),  

         /**

         * 发件人发送的XML是不正确格式或不能处理的 
         *(例如,一个IQ节,其中包括一个无法识别的'type'属性) ; 
         * 关联的错误类型应该为"modify"。 
         *  
         * The sender has sent XML that is malformed or that cannot be processed 
         * (e.g., an IQ stanza that includes an unrecognized value of the 'type' 
         * attribute); the associated error type SHOULD be "modify". 
         */

        conflict("conflict", Type.cancel, 409), 
        /** 
         * 访问不能被授权,因为一个正存在的资源或会话与原来存在的名称或地址相同; 
         * 关联的错误类型应该为"cancel" 。 
         * 
         * Access cannot be granted because an existing resource or session 
         * exists with the same name or address; the associated error type 
         * SHOULD be "cancel". 
         */

           feature_not_implemented("feature-not-implemented", Type.cancel, 501), 
        /** 
         * 请求的功能没有被由收件人或服务器实现,因此不能被处理; 
         * 关联的错误类型应该为"cancel" 。 
         * 
         * The feature requested is not implemented by the recipient or 
         * server and therefore cannot be processed; the associated error 
         * type SHOULD be "cancel". 
         */

            forbidden("forbidden", Type.auth, 403), 
        /** 
         * 正在请求的实体不具备所需的权限来完成操作; 
         * 关联的错误类型应该为"auth" 。 
         * 
         * The requesting entity does not possess the required permissions to 
         * perform the action; the associated error type SHOULD be "auth". 
         */ 
 

          gone("gone", Type.modify, 302),        

        /** 
         * 接受者或服务器不再使用这个地址进行联系(在XML字符数据的<gone/>元素中,这个错误节可以包含一个新的地址) ; 
         * 关联的错误类型应该为"modify"。 
         * 
         * The recipient or server can no longer be contacted at this address 
         * (the error stanza MAY contain a new address in the XML character 
         * data of the <gone/> element); the associated error type SHOULD be 
         * "modify". 
         */ 
         internal_server_error("internal-server-error", Type.wait, 500), 
        /** 
         * 服务器无法处理节,因为配置错误或其他未定义的内部服务器错误; 
         * 关联的错误类型应该为"wait"。 
         * 
         * The server could not process the stanza because of a misconfiguration 
         * or an otherwise-undefined internal server error; the associated error 
         * type SHOULD be "wait". 
         */ 
         item_not_found("item-not-found", Type.cancel, 404), 
        /** 
         * 无法找到需要的JID地址 或 item(项目) 
         * 关联的错误类型应该为"cancel"。 
         *  
         * The addressed JID or item requested cannot be found; the associated 
         * error type SHOULD be "cancel". 
         */ 
         jid_malformed("jid-malformed", Type.modify, 400), 
        /** 
         * 发送实体提供或连接到一个XMPP地址(例如, 'to'属性的值)或由于这方面(例如,资源标识符) 
         * 在在寻址方案中不遵守的已定义的语法(第3节) 
         * 关联的错误类型应该为"modify"。 
         * 
         * The sending entity has provided or communicated an XMPP address 
         * (e.g., a value of the 'to' attribute) or aspect thereof (e.g., 
         * a resource identifier) that does not adhere to the syntax defined 
         * in Addressing Scheme (Section 3); the associated error type SHOULD 
         * be "modify". 
         */ 
          not_acceptable("not-acceptable", Type.modify, 406), 
        /** 
         * 接收者或服务器不理解该请求,而拒绝处理它,因为它不符合被接收者或服务器定义的标准 
         * (例如,一个局部的方针,在消息中看作可接受的词); 
         * 关联的错误类型应该为"modify" 
         *  
         * The recipient or server understands the request but is refusing 
         * to process it because it does not meet criteria defined by the 
         * recipient or server (e.g., a local policy regarding acceptable 
         * words in messages); the associated error type SHOULD be "modify". 
         */ 
         not_allowed("not-allowed", Type.cancel, 405), 
        /** 
         * 收件人或服务器不允许任何实体完成该操作; 
         * 关联的错误类型应该为"cancel" 
         *  
         * The recipient or server does not allow any entity to perform 
         * the action; the associated error type SHOULD be "cancel". 
         */ 
         not_authorized("not-authorized", Type.auth, 401), 
        /** 
         * 发送者在被允许执行操作之前 必须提供正确的凭据,或已经提供不正确的凭据; 
         * 关联的错误类型应该为"auth" 
         * 
         * The sender must provide proper credentials before being allowed 
         * to perform the action, or has provided improper credentials; 
         * the associated error type SHOULD be "auth". 
         */ 
          payment_required("payment-required", Type.auth, 402), 
        /** 
         *  
         * 因为需要支付(认证),请求实体未被授权访问所请求的服务; 
         *关联的错误类型应该为"auth" 
         * 
         * The requesting entity is not authorized to access the requested 
         * service because payment is required; the associated error type 
         * SHOULD be "auth". 
         */ 
          recipient_unavailable("recipient-unavailable", Type.wait, 404), 
        /** 
         * 预期的收件人暂时没空(没在线); 
         * 关联的错误类型应该为"wait"。 
         * (注:应用程序不能返回这个错误,如果这样做会提供有关预期的信息收件人的网络 
         * 
         * The intended recipient is temporarily unavailable; the associated 
         * error type SHOULD be "wait" (note: an application MUST NOT return 
         * this error if doing so would provide information about the intended 
         * recipient's network availability to an entity that is not authorized 
         * to know such information). 
         */ 
         redirect("redirect", Type.modify, 302), 
        /** 
         * 接收者或服务器重定向这个请求另一个实体, 
         * 通常是暂时的(错误节应该包含备用地址,它必须是有效的JID ,在<redirect/>元素的XML字符数据) ; 
         * 关联的错误类型应该为"modify"。 
         * 
         * The recipient or server is redirecting requests for this 
         * information to another entity, usually temporarily (the error 
         * stanza SHOULD contain the alternate address, which MUST be a 
         * valid JID, in the XML character data of the &lt;redirect/&gt; element); 
         * the associated error type SHOULD be "modify". 
         */ 
         registration_required("registration-required", Type.auth, 407), 
        /** 
         * 请求实体未被授权访问所请求的服务,因为需要注册; 
         * 关联的错误类型应该为"auth"。 
         *  
         * The requesting entity is not authorized to access the requested 
         * service because registration is required; the associated error 
         * type SHOULD be "auth". 
         */ 
        remote_server_not_found("remote-server-not-found", Type.cancel, 404), 
        /** 
         * 远程服务器或指定的服务,不存在预定的接收者(的部分或全部的JID); 
         * 关联的错误类型应该为"cancel" 
         * A remote server or service specified as part or all of the JID 
         * of the intended recipient does not exist;  
         * the associated error type SHOULD be "cancel". 
         */ 
          remote_server_timeout("remote-server-timeout", Type.wait, 504), 
        /** 
         * 远程服务器或指定的服务,不能在一个适当的时间内联系到预定的接收者的部分或全部的JID(或须履行请求); 
         * 关联的错误类型应该为"wait" 
         *  
         * A remote server or service specified as part or all of the JID of 
         * the intended recipient (or required to fulfill a request) could not 
         * be contacted within a reasonable amount of time; the associated 
         * error type SHOULD be "wait". 
         */ 
         resource_constraint("resource-constraint", Type.wait, 500), 
        /** 
         * 服务器或接收者缺乏必要的系统资源到请求的服务 
         * 关联的错误类型应该为"wait" 
         * 
         * The server or recipient lacks the system resources necessary to 
         * service the request; the associated error type SHOULD be "wait". 
         */ 
          service_unavailable("service-unavailable", Type.cancel, 503), 
        /** 
         * 服务器或接收者目前不提供请求的服务; 
         * 关联的错误类型应该为"cancel" 
         *  
         * The server or recipient does not currently provide the requested 
         * service; the associated error type SHOULD be "cancel". 
         */ 
         subscription_required("subscription-required", Type.auth, 407), 
        /** 
         * 因为需要订阅,请求实体未被授权访问所请求的的服务; 
         * 关联的错误类型应该为"auth" 
         * 
         * The requesting entity is not authorized to access the requested 
         * service because a subscription is required; the associated error 
         * type SHOULD be "auth". 
         */ 
         undefined_condition("undefined-condition", Type.wait, 500), 
        /** 
         * 没有定义的条件 
         *  
         * The error condition is not one of those defined by the other 
         * conditions in this list; any error type may be associated with 
         * this condition, and it SHOULD be used only in conjunction with 
         * an application-specific condition.<p> 
         * 
         * Implementation note: the default type for this condition is 
         * {@link Type#wait}, which is not specified in the XMPP protocol. 
         */ 

      unexpected_request("unexpected-request", Type.wait, 400); 
        /** 
         * 没有预料的请求 
         *  
         * The recipient or server understood the request but was not 
         * expecting it at this time (e.g., the request was out of order); 
         * the associated error type SHOULD be "wait". 
         */ 

 

修改服务器名后出现错误,

解决办法:

1、登陆openfire管理页面,点击主页面下方“编辑属性”,修改服务器名称为当前主机名称,点击“保存属性”,重启服务器。 
2、 重启后,主页的“服务器属性”的‘服务器名称“出现叹号, 这是RSA认证无效造成的,对新的服务器进行RSA证书的配置。 
3、选择【服务器设置】菜单,选择左下方【服务器证书】,点击后面的删除按钮将两个证书全部删除。删除后重启服务器。 
4、重启后,系统提示“一个或更多的证书丢失。单击 这里 产生自定义签名证书”。点击后,自动生成和新的服务器匹配的RSA证书。 
5、 
重启服务器。 再次登录,主界面服务器名称的叹号消失,客户端可以正常登陆。



posted @ 2014-05-01 03:09  jhhu  阅读(879)  评论(0编辑  收藏  举报